Top Tips: Securing a datacentre

Paul Ferron, Director of Security Solutions at CA Technologies, has over 15 years’ experience in information security. For the last 12 years he has been helping companies adopt an “Enable Business, Securely” approach that revolves around business risk. He is the author of several publications and speaks regularly at information security events. Paul is also an active member of the Cloud Security Alliance.

Paul shares his top tips on securing a datacentre.

Over the last ten years, many organisations have come to enjoy the widespread advantages of cloud computing – from greater flexibility to scale business operations as and when appropriate, to improved agility, cost reduction and backup and recovery services. Yet, despite those apparent benefits, the perceived issues in the datacentre remain a dark cloud on the horizon.

A lot of enterprise IT professionals still wonder whether the sensitive information they have entrusted to their cloud providers is protected against hackers, disgruntled employees, unintentional leaks, whistle-blowers and natural disasters. What most organisations don’t realise, however, is that the number one threat to modern datacentres is not some sort of sophisticated piece of malware, but the human element. People, not technology, are the weakest link when it comes to datacentre security.

As such, the secret to a good night’s sleep for IT managers lies in eliminating the risk of human error. This can be done by following five easy steps.

Eliminating virtualisation sprawl - Nowadays, the ease of copying an existing virtual machine (VM) is often too tempting for administrators who work under pressure. When machines are copied instead of being created from scratch with proper security policies applied, the production leads are presented with insecure machines, putting the customers’ data at risk.

Creating security policies and processes for each virtual machine, while taking into consideration its function and the type of data that it stores, eliminates the chance that something gets overlooked and minimises the risk of virtualisation sprawl by ensuring that only those VMs that are absolutely necessary for the business are created. This limits the number of machines that share sensitive data and makes management of sensitive information much simpler.

Introducing fine-grained access control for administrators - Since datacentres are primarily the work space of administrators, organisations need to take proper precautions against unintentional and intentional human errors. The easiest way is to ensure fine-grained access control for administrators. Making sure administrators are properly supervised, can only do the task at hand and never gain access to important parts of the system, such as data directories and log files, prevents them from making any mistakes.

It also helps to secure the data against any potential disgruntled employees who might want to gain access and sell sensitive information to hackers, or simply leak it in the hope of destroying a company’s reputation.

Implementing session recording for administrative access - Unfettered access for administrators is another common problem when it comes to datacentres. When administrative accounts are shared between different people, it is not clear who had access to which machine and who did what on those machines. As such, IT has to work harder than ever to control privileged users, especially across large, complex and diverse environments.

Session recording not only enables recording and playback of privileged user sessions, but it also greatly simplifies forensic investigations and audits by providing searchable metadata in case of an incident, making it easier to spot exactly where errors were made and why. This makes it simpler to pinpoint who might be responsible and helps speed up the recovery of lost data.

Properly managing third-party remote access with Identity Access Management - Implementing Identity Access Management (IAM) has many benefits – it not only ensures that those who need data or services get the right access, helping speed up operations and achieve overall business goals, but it is also one of the most crucial elements of ensuring secure access to information stored in the cloud.

IAM secures data from being accessed by unauthorised users, whilst maintaining appropriate levels of security and privacy and ensuring compliance requirements can be met. IAM technology can manage user identities and their related access permissions and thus ensure that all users and services are properly authenticated, authorised and audited.

Implementing and testing Disaster Recovery - With all the above steps taken, organisations should also make sure that if things do go wrong, whether as a result of a man-made mistake or something truly unpredictable, there are clear policies and procedures in place that can help them quickly get back to business. When a disaster strikes, it’s very important that IT managers know the steps that need to be taken to get the business back up and running again, and test those on a regular basis in pre-planned simulations. That way, should the worst happen, everyone knows how to react and limit the consequences of the disruption or data loss.

There are many ways IT professionals can go about protecting data stored in the cloud. Regardless of the approach they take, though, the key is to ensure the possibility of human error is truly minimised, and that there are proper policies and procedures in place that help monitor and manage access to sensitive information. With this taken care of, your customers’ data will be protected against the unlikeliest of human mistakes.